Disable iptables on Oracle Linux

IT Knowledge Base

How to stop/start and disable/enable firewall on Oracle Linux 7.

Fedora 18 introduced firewalld as a replacement for the previous iptables service. Since RHEL7 and Oracle Linux 7 are based on Fedora 19, the switch from iptables service to firewalld is now part of the Enterprise Linux distributions.
The firewall on an Oracle Linux 7 system is enabled by default. Normally there should be no need to disable the firewall, but doing so can be quite handy for testing purposes etc. The firewall runs as the firewalld daemon. The command below can be used to check the firewall status:

[root@orclprod ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
   Active: active (running) since Fri 2015-10-16 14:54:37 CEST; 18s ago
 Main PID: 2481 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─2481 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Oct 16 14:54:37 orclprod systemd[1]: Started firewalld - dynamic firewall d...n.
Hint: Some lines were ellipsized, use -l to show in full.

From the above output we can see that the firewall is enabled, which means it will start automatically after a reboot, and that it is also currently active. Furthermore, you can check all currently applied rules with:

[root@orclprod ~]# iptables-save

You need to distinguish between the iptables service and the iptables command. Although firewalld is a replacement for the firewall management provided by iptables service, it still uses the iptables command for dynamic communication with the kernel packet filter (netfilter). So it is only the iptables service that is replaced, not the iptables command. That can be a confusing distinction at first.
The firewall on an Oracle Linux 7 system can be stopped with the following command:

[root@orclprod ~]# service firewalld stop
Redirecting to /bin/systemctl stop firewalld.service

A stopped firewall will start again after the system reboots. To start the firewall, use the following command:

[root@orclprod ~]# service firewalld start
Redirecting to /bin/systemctl start firewalld.service

In order to completely disable the OL7 firewall, so that it does not start after a reboot, run:

[root@orclprod ~]# systemctl disable firewalld
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'

Now the firewall will not start after the system reboots. To enable the firewall again, run:

[root@orclprod ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service' '/etc/systemd/system/basic.target.wants/firewalld.service'


fekrado


Disabling the Firewall in Oracle Linux

# service ipchains stop
# service iptables stop
# chkconfig ipchains off
# chkconfig iptables off

A default Oracle Linux install has the firewall enabled (iptables on). In order to use Oracle VM Manager on a system with iptables enabled you can either open all the ports used by Oracle VM Manager, or open all ports by disabling iptables.

The ports required for the web browser connection to Oracle VM Manager are: 7001, 7002 and 15901. The ports used by the Oracle VM Servers to connect to Oracle VM Manager are: 7001, 7002 and 54321. Oracle VM Manager, in turn, connects to the Oracle VM Servers through port 8899 for Oracle VM Agent communication, and port 6900 and up for secure VNC tunneling to virtual machines (one port per VM). Be sure to open the necessary ports on the different firewalls that may be installed between different parts of your network. Follow the guidelines in the diagram below:

This diagram illustrates the firewall rules in Oracle VM Manager.

To disable iptables and open all ports, enter the following commands as the root user:

# service iptables stop
# chkconfig iptables off

Alternatively, open the required ports by using the iptables command as the root user:

# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 7001 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 7002 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 15901 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m udp -p udp --dport 123 -j ACCEPT

To remotely connect to the Oracle VM Manager core API, also enter the following command:

# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 54321 -j ACCEPT

When all the ports have been opened, save the iptables configuration:

This does not require iptables to be restarted as the commands open the ports while iptables is running and the save ensures they are opened on reboot/restart in future.

To configure the firewall to open the required ports automatically, use the environment configuration script provided with the Oracle VM Manager installer. See Section 3.3.2.4, “Environment Configuration Script” for information on using this script.
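`iptables -A` appends to the end of the INPUT chain, so on a chain that already ends in a catch-all REJECT the new ACCEPT rule is never reached. The script below is an added example (not part of Oracle's documentation) that classifies the TCP ports named above from an `iptables-save` dump; the function names, status words and sample dump are constructed for illustration.

```shell
# Added example, not Oracle's script: classify the Oracle VM Manager TCP ports
# named above against an `iptables-save` dump read from stdin.
REQUIRED_PORTS="tcp/7001 tcp/7002 tcp/15901 tcp/54321"

# Prints one "proto/port=status" word per required port:
#   open        ACCEPT rule placed before any catch-all DROP/REJECT
#   shadowed    ACCEPT rule appended after a catch-all, so it never matches
#   unfiltered  no rule, but INPUT falls through to an ACCEPT policy
#   blocked     no effective ACCEPT rule
# Simplification: only an unconditional "-A INPUT -j DROP|REJECT" is a catch-all.
audit_ports() {
    awk -v required="$REQUIRED_PORTS" '
        /^\*/ { table = substr($0, 2); next }
        table != "filter" { next }
        $1 == ":INPUT" { policy = $2; next }
        $1 != "-A" || $2 != "INPUT" { next }
        {
            proto = ""; port = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p") proto = $(i + 1)
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            key = proto "/" port
            if ($3 == "-j" && (target == "DROP" || target == "REJECT")) catchall = 1
            else if (target == "ACCEPT" && port != "" && !(key in state))
                state[key] = catchall ? "shadowed" : "open"
        }
        END {
            n = split(required, want, " ")
            for (i = 1; i <= n; i++) {
                s = state[want[i]]
                if (s == "") s = (policy == "ACCEPT" && !catchall) ? "unfiltered" : "blocked"
                printf "%s=%s%s", want[i], s, (i < n ? " " : "\n")
            }
        }'
}
# Constructed sample: the rule for 7002 was appended (-A) after the final REJECT.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m state --state NEW -m tcp --dport 7001 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW -m tcp --dport 7002 -j ACCEPT
COMMIT
EOF
}
sample_dump | audit_ports
```

On a live system, run it as `iptables-save | audit_ports`; a `shadowed` port needs its rule inserted ahead of the catch-all (`iptables -I INPUT ...`) rather than appended.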


Copyright © 2011, 2012, Oracle and/or its affiliates. All rights reserved.


Oracle Database 12c on Oracle Linux 6 – Step 5: Disable the Firewall, iptables and SELINUX

Enter root as the username and click Log In.

Enter rootroot as the password (or the password you used earlier) and click Log In.

Check Do not show me this again and click Close.

Or don’t check Do not show me this again if you want to see this warning each time you log in to the X-Windows GUI as root. In general you shouldn’t be logging into the GUI as root. We’re going to do so because it will be easier to use some of the system tools (no pop-ups to log in again as root) to configure our system.

Select System -> Administration -> Firewall from the menu bar.

Click Close.

Click Disable.

Click Apply.

Select File -> Quit to close the Firewall Configuration.

Select System -> Administration -> Services from the menu bar.

Select the ip6tables service and click Disable.

Select the iptables service and click Disable.

Select Program -> Quit to close the Services Configuration.

Right-click the desktop and select Open in Terminal to open a terminal window.

Type the following command and press Enter.

gedit /etc/sysconfig/selinux

You can use Ctrl-Shift + (the plus key) to change the font size of your terminal windows. I also resize my windows to fill the whole screen. Between major command groupings I’ll also type clear to remove the previous commands from the window and start fresh.

Change SELINUX=enforcing to SELINUX=disabled.

Why disable SELINUX? According to user 546612 on the Oracle.com forums:

Depending on what pieces of Oracle you are using, there are setuid/setgid issues, there are network interactions, there is fork/exec permission stuff, shared memory, etc. Some stuff in Oracle runs as root, especially if you do RAC. There is a whole whack of IPC.

Note that Red Hat recently published a paper that describes how to make SELINUX work with Oracle 11g R2 on Red Hat, which should work on Oracle Linux too. Since this is a test system, disabling was easier…
http://www.redhat.com/resourcelibrary/reference-architectures/deploying-oracle-11gr2-on-rhel-6

Make sure your SELINUX line reads SELINUX=disabled and Click Save.

Select File -> Quit from the menu to close gedit.
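The same edit can be scripted. The following is an added example, not the original author's code, and its function names are hypothetical. It writes through the file instead of using `sed -i`, because /etc/sysconfig/selinux is a symlink to /etc/selinux/config and GNU `sed -i` would replace the link with a regular file, leaving the real configuration unchanged.

```shell
# Added example: scripted form of the gedit edit above (hypothetical helper names).

# Print the value of the active SELINUX= line in config file $1.
get_selinux_mode() {
    sed -n 's/^SELINUX=//p' "$1" | tail -n 1
}

# set_selinux_mode FILE MODE: rewrite only the SELINUX= line, keeping FILE.bak.
set_selinux_mode() {
    file=$1
    mode=$2
    case $mode in
        enforcing|permissive|disabled) ;;
        *) echo "invalid mode: $mode" >&2; return 2 ;;
    esac
    # Refuse to edit a file that has no active SELINUX= line.
    grep -q '^SELINUX=' "$file" || { echo "no SELINUX= line in $file" >&2; return 1; }
    cp -p "$file" "$file.bak" || return 1
    # "^SELINUX=" does not match SELINUXTYPE=, so the policy type is untouched.
    # Redirecting into "$file" follows a symlink instead of replacing it.
    sed "s/^SELINUX=.*/SELINUX=$mode/" "$file.bak" > "$file" || return 1
    # Confirm the change actually landed.
    [ "$(get_selinux_mode "$file")" = "$mode" ]
}

# Demo on a constructed copy of the config, laid out like the real pair of files.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'SELINUX=enforcing\nSELINUXTYPE=targeted\n' > "$dir/config"
    ln -s config "$dir/selinux"
    set_selinux_mode "$dir/selinux" disabled && cat "$dir/config"
    rm -rf "$dir"
}
demo
```

The file is read at boot, so the new mode applies after the next restart.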
